Error updating properties for <user_name> [c004427A] The AssistantAdmin does not have enough p (NETIQKB25981)

  • 7725981
  • 02-Feb-2007
  • 19-Jun-2007

Resolution

fact
Directory and Resource Administrator 6.60

symptom
Error updating properties for <user_name> [c004427A] The Assistant Admin does not have enough powers to run the UserSetInfo operation.

symptom

If an Assistant Admin attempts to use the Directory and Resource Administrator Web Console to reset a user account's password, the following error may occur:

Error updating properties for <user_name>.
[c004427A] The Assistant Admin does not have enough powers to run the UserSetInfo operation.



symptom
The same Assistant Admin is able to perform the same operation successfully using the MMC interface.

cause

The issue occurs when the ActiveView under which the Assistant Admin is performing these actions delegates both the View User Account Properties power and the Password - Modify a User Account power.  The View User Account Properties power exposes all flags in the userAccountControl property, including the User must change password at next logon flag.  While the View User Account Properties power exposes the flag, it does not delegate to the Assistant Admin the ability to modify it.  Thus, when the Web Console attempts to set this flag automatically when an Assistant Admin resets a user account's password, the error listed above is generated.



fix

Hotfix 26323 corrects this situation, modifying the Web Console operation to correctly interpret these powers when both are delegated in the same ActiveView.

To install this hotfix, run the DRA66000_Hotfix26323a.exe file on the Administration server.

This hotfix modifies the following files on the Web component computer:

  • AccountManagement/Computers/ComputerCreate/TaskMain.asp
  • AccountManagement/Computers/ComputerCreate/TaskMessages.asp
  • AccountManagement/Groups/GroupCreate/TaskMain.asp
  • AccountManagement/Groups/GroupUpdate/GeneralTabMain.asp
  • AccountManagement/Groups/GroupUpdate/GeneralTabMessages.asp
  • AccountManagement/Users/UserClone/Properties.asp
  • AccountManagement/Users/UserCreate/TaskMain.asp
  • AccountManagement/Users/UserResetPassword/Properties.asp
  • AccountManagement/Users/UserUpdate/DialInTabMain.asp
  • AccountManagement/Users/UserUpdate/ProfileTabMain.asp
  • AccountManagement/Users/UserUpdate/StatsTabMain.asp
  • AccountManagement/Users/UserUpdate/StatsTabMessages.asp
  • AccountManagement/Users/UserUpdateNT4/DialInTabMain.asp
  • AccountManagement/Users/UserUpdateNT4/ProfileTabMain.asp
  • AccountManagement/Users/UserUpdateNT4/StatsTabMain.asp
  • AccountManagement/Users/UserUpdateNT4/StatsTabMessages.asp
  • AccountManagement/Users/UserVitalStats/Properties.asp
  • AccountManagement/Users/UserVitalStats/TaskMessages.asp
  • AccountManagement/Users/UserVitalStatsNT4/Properties.asp
  • AccountManagement/Users/UserVitalStatsNT4/TaskMessages.asp
  • Common/Scripts/LocalizeDate.asp
  • Common/Scripts/SearchForms/UserGroupBrowse/TaskMain.asp
  • Common/Scripts/SearchForms/UserGroupBrowse/TaskMessages.asp

By default, these files are located in the C:\Inetpub\wwwroot\DRAWeb\WebConsole\BuiltIn folder of servers with the DRA Web Component installed.



note

Hotfix 26323 also corrects other issues that are listed in the following Knowledge Base article:



Additional Information

Formerly known as NETIQKB25981

Feedback service temporarily unavailable. For content questions or problems, please contact Support.